[SAMSRV]
- Implement SamIConnect. - Add a trusted-caller flag to the database object type and propagate it to opened or created sub-objects. - Restrict access to SamrQueryInformationUser.UserInternal1Information for non-trusted callers. svn path=/trunk/; revision=58472
parent
8caefdd06a
commit
39d6a91610
5 changed files with 60 additions and 6 deletions
|
@ -210,7 +210,7 @@ SampCreateDbObject(IN PSAM_DB_OBJECT ParentObject,
|
|||
}
|
||||
|
||||
NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
|
||||
0,
|
||||
HEAP_ZERO_MEMORY,
|
||||
sizeof(SAM_DB_OBJECT));
|
||||
if (NewObject == NULL)
|
||||
{
|
||||
|
@ -243,6 +243,9 @@ SampCreateDbObject(IN PSAM_DB_OBJECT ParentObject,
|
|||
NewObject->RelativeId = RelativeId;
|
||||
NewObject->ParentObject = ParentObject;
|
||||
|
||||
if (ParentObject != NULL)
|
||||
NewObject->Trusted = ParentObject->Trusted;
|
||||
|
||||
*DbObject = NewObject;
|
||||
|
||||
return STATUS_SUCCESS;
|
||||
|
@ -359,7 +362,7 @@ SampOpenDbObject(IN PSAM_DB_OBJECT ParentObject,
|
|||
}
|
||||
|
||||
NewObject = RtlAllocateHeap(RtlGetProcessHeap(),
|
||||
0,
|
||||
HEAP_ZERO_MEMORY,
|
||||
sizeof(SAM_DB_OBJECT));
|
||||
if (NewObject == NULL)
|
||||
{
|
||||
|
@ -391,6 +394,9 @@ SampOpenDbObject(IN PSAM_DB_OBJECT ParentObject,
|
|||
NewObject->RelativeId = RelativeId;
|
||||
NewObject->ParentObject = ParentObject;
|
||||
|
||||
if (ParentObject != NULL)
|
||||
NewObject->Trusted = ParentObject->Trusted;
|
||||
|
||||
*DbObject = NewObject;
|
||||
|
||||
return STATUS_SUCCESS;
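Review bot: The untrusted default for a parentless object in SampCreateDbObject and SampOpenDbObject is implicit at the `if (ParentObject != NULL)` sites: it holds only because the allocation flag in the two earlier hunks appears to change from `0` to `HEAP_ZERO_MEMORY`. If that flag were ever reverted, Trusted would be read uninitialised for root objects and the new check in SampQueryUserInternal1 could pass by accident. I would make the default explicit, `NewObject->Trusted = (ParentObject != NULL) ? ParentObject->Trusted : FALSE;`, with a comment such as `/* Trust is inherited from the parent; root objects start untrusted */`. Both functions start and end outside these hunks.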
|
||||
|
|
|
@ -57,6 +57,8 @@ static GENERIC_MAPPING UserMapping =
|
|||
USER_ALL_ACCESS
|
||||
};
|
||||
|
||||
PGENERIC_MAPPING pServerMapping = &ServerMapping;
|
||||
|
||||
|
||||
/* FUNCTIONS *****************************************************************/
|
||||
|
||||
|
@ -6043,14 +6045,19 @@ done:
|
|||
}
|
||||
|
||||
|
||||
static NTSTATUS
|
||||
static
|
||||
NTSTATUS
|
||||
SampQueryUserInternal1(PSAM_DB_OBJECT UserObject,
|
||||
PSAMPR_USER_INFO_BUFFER *Buffer)
|
||||
PSAMPR_USER_INFO_BUFFER *Buffer)
|
||||
{
|
||||
PSAMPR_USER_INFO_BUFFER InfoBuffer = NULL;
|
||||
ULONG Length = 0;
|
||||
NTSTATUS Status = STATUS_SUCCESS;
|
||||
|
||||
/* Fail, if the caller is not a trusted caller */
|
||||
if (UserObject->Trusted == FALSE)
|
||||
return STATUS_INVALID_INFO_CLASS;
|
||||
|
||||
*Buffer = NULL;
|
||||
|
||||
InfoBuffer = midl_user_allocate(sizeof(SAMPR_USER_INFO_BUFFER));
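Review bot: In SampQueryUserInternal1 the new trust check returns STATUS_INVALID_INFO_CLASS before `*Buffer = NULL;` runs, so on the denial path the out parameter keeps whatever the caller had in it. The caller is not visible here; if it frees or marshals *Buffer after a failure, an untrusted request could make it act on a stale or uninitialised pointer. Moving `*Buffer = NULL;` above the check gives a defined value on every path regardless of the caller, and the one-line `if` would be safer braced. The function body continues past the end of this hunk.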
|
||||
|
|
|
@ -25,6 +25,43 @@ WINE_DEFAULT_DEBUG_CHANNEL(samsrv);
|
|||
|
||||
/* FUNCTIONS ****************************************************************/
|
||||
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
SamIConnect(IN PSAMPR_SERVER_NAME ServerName,
|
||||
OUT SAMPR_HANDLE *ServerHandle,
|
||||
IN ACCESS_MASK DesiredAccess,
|
||||
IN BOOLEAN Trusted)
|
||||
{
|
||||
PSAM_DB_OBJECT ServerObject;
|
||||
NTSTATUS Status;
|
||||
|
||||
TRACE("SamIConnect(%p %p %lx %ld)\n",
|
||||
ServerName, ServerHandle, DesiredAccess, Trusted);
|
||||
|
||||
/* Map generic access rights */
|
||||
RtlMapGenericMask(&DesiredAccess,
|
||||
pServerMapping);
|
||||
|
||||
/* Open the Server Object */
|
||||
Status = SampOpenDbObject(NULL,
|
||||
NULL,
|
||||
L"SAM",
|
||||
0,
|
||||
SamDbServerObject,
|
||||
DesiredAccess,
|
||||
&ServerObject);
|
||||
if (NT_SUCCESS(Status))
|
||||
{
|
||||
ServerObject->Trusted = Trusted;
|
||||
*ServerHandle = (SAMPR_HANDLE)ServerObject;
|
||||
}
|
||||
|
||||
TRACE("SamIConnect done (Status 0x%08lx)\n", Status);
|
||||
|
||||
return Status;
|
||||
}
|
||||
|
||||
|
||||
NTSTATUS
|
||||
NTAPI
|
||||
SamIInitialize(VOID)
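Review bot: SamIConnect takes the trust decision from its caller and stores it with `ServerObject->Trusted = Trusted;`, yet nothing on the function says who is allowed to pass TRUE. Every object opened under this handle inherits the flag and it is the gate this commit adds for UserInternal1Information, so the contract deserves a header comment: intended for in-process callers of the export only, and never to be fed a client-supplied value from the RPC-facing connect paths. Separately, `*ServerHandle` is left unwritten when SampOpenDbObject fails; `*ServerHandle = NULL;` before the open would give callers a defined value. The TRACE call passes a BOOLEAN for `%ld`, where `%u` would match the promoted argument.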
|
||||
|
|
|
@ -50,6 +50,7 @@ typedef struct _SAM_DB_OBJECT
|
|||
HANDLE KeyHandle;
|
||||
HANDLE MembersKeyHandle; // only used by Aliases
|
||||
ULONG RelativeId;
|
||||
BOOLEAN Trusted;
|
||||
struct _SAM_DB_OBJECT *ParentObject;
|
||||
} SAM_DB_OBJECT, *PSAM_DB_OBJECT;
|
||||
|
||||
|
@ -113,6 +114,9 @@ typedef struct _SAM_USER_FIXED_DATA
|
|||
} SAM_USER_FIXED_DATA, *PSAM_USER_FIXED_DATA;
|
||||
|
||||
|
||||
extern PGENERIC_MAPPING pServerMapping;
|
||||
|
||||
|
||||
/* database.c */
|
||||
|
||||
NTSTATUS
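Review bot: The new `BOOLEAN Trusted;` member of SAM_DB_OBJECT has no comment although it is an authorization flag, while the neighbouring MembersKeyHandle carries a usage note. A short comment on the field would record where it may be written, for example `BOOLEAN Trusted; // set only by SamIConnect, copied from the parent on open/create`. The prototype that follows `/* database.c */` continues outside the hunk.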
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
@ stub SamIAmIGC
|
||||
@ stub SamIChangePasswordForeignUser
|
||||
@ stub SamIChangePasswordForeignUser2
|
||||
@ stub SamIConnect
|
||||
@ stdcall SamIConnect(ptr ptr long long)
|
||||
@ stub SamICreateAccountByRid
|
||||
@ stub SamIDemote
|
||||
@ stub SamIDemoteUndo
|
||||
|
@ -156,4 +156,4 @@
|
|||
@ stdcall SamrTestPrivateFunctionsDomain(ptr)
|
||||
@ stdcall SamrTestPrivateFunctionsUser(ptr)
|
||||
@ stdcall SamrUnicodeChangePasswordUser2(ptr ptr ptr ptr ptr long ptr ptr)
|
||||
; EOF
|
||||
; EOF
|
||||
|
|